Configure Group Policy on Windows Server 2022

This Windows Server 2022 Tutorial covers how to Configure Group Policy on Windows Server 2022. Group Policy is a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. It provides centralized management and configuration of operating systems, applications, and users’ settings in an Active Directory environment. A Group Policy Object (GPO) is a virtual collection of policy settings. A GPO has a unique name, such as a GUID, A GPO can represent policy settings in the file system and in the Active Directory. A GPO can be linked to one or more Active Directory containers, such as a site, domain, or organizational unit.

Windows Server Active Directory Domain Service (ADDS) is a directory service that stores information about all objects in the domain and makes this data available to network users and administrators. Active Directory Domain Service provides secure, structured, hierarchical data storage for objects and the admin can easily manage all objects. The Active Directory Domain Controller is a server that runs Active Directory Domain Service and domain controllers to give the network user access to permitted resources anywhere on the network through a single logon process.

In this tutorial, we are going to Prohibit access to the Control Panel for a particular Active Directory organization unit.

Demo environment

  • Computer Name: server1.test.com
  • Operating System: Windows Server 2022 Datacenter
  • IP Address: 192.168.0.2
  • Domain: test.com
  • Current domain controller (DC): server1.test.com
  • DNS Server IP address: 192.168.0.2
  • Organizational unit: TEST_OU
  • A user within Organizational unit (TEST_OU): test\user1

Related tutorial

Steps for Configuring Group Policy

  1. Configuring Central Store GPO
  2. Create and configure Starter GPOs
  3. Create a GPO and Link
  4. Check the result on a client machine

Configuring Central Store Group Policy Object

The group policy central store is a central location to store all the group policy template files. This eliminates the need for admins to load and open group policy template files on systems used to manage group policy.

1. Open the Server Manager dashboard, click tools, and select Group Policy Management.

Configure Group Policy on Windows Server 2022

2. Right click on Default Domain Policy and select Edit.

Configure Group Policy on Windows Server 2022

3. On the Group Policy Management Editor, double click User Configuration, expand Policies, and then click Administrative Templates, if you check on that, you will see a note saying Administrative Templates: Policy definitions (ADMX files) retrieved from the local computer.

Configure Group Policy on Windows Server 2022

4. Access your Policies folder and create a new folder name PolicyDefinitions.

c:\windows\SYSVOL\sysvol\comsys.local

Configure Group Policy on Windows Server 2022

5. Access to your C:\windows\PolicyDefinitions folder, what you need to do here is to copy all .adml & .admx files.

Configure Group Policy on Windows Server 2022

6. Then, paste the .adml & .admx files that you copied just now into c:\windows\SYSVOL\sysvol\comsys.local\PolicyDefinitions folder.

Configure Group Policy on Windows Server 2022

7. Open the Group Policy Management Editor interface, expand User Configuration> Polices, point your cursor to the Administrative Templates folder, and verify that it reads: Administrative Templates: Policy definitions (ADMX files) retrieved from the central store.

Configure Group Policy on Windows Server 2022

Create and configure Starter GPOs

Starter GPOs are templates for Group Policy settings. It enables an administrator to create and have a pre-configured group of settings that represent a baseline for any future policy to be created.

8. Open the Server Manager dashboard, click tools, and select Group Policy Management.

Configure Group Policy on Windows Server 2022

9. Create a new Starter GPO, right-click the Starter GPOs folder, and then click New.

Configure Group Policy on Windows Server 2022

10. Enter Name and Comment for New Starter GPO and click OK.

  • Name: New Starter GPO
  • Comment: New Starter GPO
Configure Group Policy on Windows Server 2022

In this tutorial, we use Prohibit access to the Control Panel and PC settings policy for testing.

11. Right-click on New Starter GPO and Click Edit

Configure Group Policy on Windows Server 2022

12. Open Group Policy Management Editor interface.

Expand User Configuration> Administrative Templates> Control Panel and open Prohibit access to Control Panel and PC settings.

Configure Group Policy on Windows Server 2022

13. In Prohibit access to Control Panel and PC settings window, select Enable and click OK.

Configure Group Policy on Windows Server 2022

Create a GPO and Link

14. Open Group Policy Management, Right-click on OU and select Create a GPO in this domain and Link it here.

Configure Group Policy on Windows Server 2022

15. Enter Name, select Source Starter GPO, and click OK.

Configure Group Policy on Windows Server 2022

Check the result on a client machine

Client Demo environment

  • Computer Name: server2.test.com
  • Operating System: Windows Server 2022 Datacenter
  • IP Address: 192.168.0.4
  • Domain: test.com
  • Organizational unit: TEST_OU
  • A user within Organizational unit (TEST_OU): test\user1

16. Enter User Name and Password.

Configure Group Policy on Windows Server 2022

17. On the client, the machine waits for the policy to get updated automatically or manually updates the policy settings by running the command gpupdate /force in the command prompt.

Configure Group Policy on Windows Server 2022

18. Once you successfully log on, try to open Control Panel.

Configure Group Policy on Windows Server 2022

19. A restriction warning box will appear, This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.

Configure Group Policy on Windows Server 2022
Scroll to Top